Class: WardenOauthProvider::ProviderStrategy

Inherits:
Warden::Strategies::Base
  • Object
Includes:
OAuth::Helper
Defined in:
lib/warden_oauth_provider/provider_strategy.rb

Instance Method Summary collapse

Instance Method Details

#authenticate!Object



# File 'lib/warden_oauth_provider/provider_strategy.rb', line 16

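# Runs the OAuth provider flow for the current request.
#
# The request signature and nonce are verified first; the request path then
# selects one of three behaviours:
#
# * request token path - creates a request token for the client application
#   and returns it in a custom response;
# * access token path - issues an access token, either through xAuth
#   (+client_auth+ mode) or by exchanging the current request token using the
#   supplied verifier;
# * any other path - accepts the request only when the current token is an
#   access token, and signs in that token's user.
#
# Outcomes are reported through +fail!+, +custom!+ and +success!+.
def authenticate!
  # Return unconditionally after a failed verification, so an unsigned or
  # replayed request can never fall through to token issuance, whatever
  # fail! happens to return.
  unless verify_request
    fail!("Invalid signature or nonce")
    return
  end

  case request.path
  when warden.config.oauth_request_token_path

    # Return a request token for the client application
    request_token = WardenOauthProvider::Token::Request.create!(:client_application => client_application, :callback_url => oauth_request.oauth_callback)
    # NOTE(review): the body is form-encoded and carries the token secret;
    # 'text/html' is kept for compatibility, but RFC 5849 describes this
    # response as application/x-www-form-urlencoded - confirm before changing.
    custom! [200, { 'Content-Type' => 'text/html' }, ["oauth_token=#{escape(request_token.token)}&oauth_token_secret=#{escape(request_token.secret)}&oauth_callback_confirmed=true"]]
  when warden.config.oauth_access_token_path

    if xauth_params? && xauth_mode == 'client_auth'

      # Get the user authentication proc from the settings; without one,
      # every xAuth attempt is rejected.
      user_authentication = warden.config.xauth_user || Proc.new { |env, username, password| nil }

      # Check the client's xAuth permission before touching the credentials.
      # Previously a client without xAuth was told "Authentication failed",
      # because the user lookup was skipped and left +user+ nil; the
      # "xauth not allowed" message was never reached in that case.
      if !client_application.xauth_enabled?
        fail!("xauth not allowed for client application")
      elsif (user = user_authentication.call(env, xauth_username, xauth_password))
        access_token = WardenOauthProvider::Token::Access.create!(:client_application => client_application, :user => user)
      else
        fail!("Authentication failed")
      end
    else

      # Exchange the request token for an access token using the verifier
      access_token = current_token && current_token.exchange!(oauth_request.oauth_verifier)
      fail!("Request token exchange failed") unless access_token
    end

    # Only answer with credentials when a token was actually issued
    if access_token
      custom! [200, { 'Content-Type' => 'text/html' }, ["oauth_token=#{escape(access_token.token)}&oauth_token_secret=#{escape(access_token.secret)}"]]
    end
  else

    # Validate the current token as an access token and allow access to the
    # resources; a request token (or no token) is rejected here.
    if current_token.is_a?(WardenOauthProvider::Token::Access)
      success!(current_token.user)
    else
      fail!("Invalid access token")
    end
  end
end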

#valid?Boolean

Returns:

  • (Boolean)


# File 'lib/warden_oauth_provider/provider_strategy.rb', line 12

# Reports whether this strategy applies to the request: true only when the
# OAuth request carries more than one OAuth parameter.
#
# @return [Boolean]
def valid?
  parameter_count = oauth_request.oauth_parameters.length
  parameter_count > 1
end